'[Trousers-cvs] trousers/src/tspi tsp_auth.c'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       trousers-cvs
Subject:    [Trousers-cvs] trousers/src/tspi tsp_auth.c
From:       Rajiv Andrade <phreakz () users ! sourceforge ! net>
Date:       2009-07-16 12:42:04
Message-ID: E1MRQHk-0002qJ-Cm () ddv4jf1 ! ch3 ! sourceforge ! com
[Download RAW message or body]

Update of /cvsroot/trousers/trousers/src/tspi
In directory ddv4jf1.ch3.sourceforge.com:/tmp/cvs-serv10908/src/tspi

Modified Files:
	tsp_auth.c 
Log Message:
The following fix corrects a couple of problems in the tsp_auth.c file.
    1. The return value from validateReturnAuth was wrong.
    2. authsess_callback_hmac must return TPM_E_AUTHFAIL if the hmac digest does not match.
    3. authsess_xsap_init used the wrong handle when getting the object policy.

Signed-off-by: Wyllys Ingersoll <wyllys.ingersoll@sun.com>


Index: tsp_auth.c
===================================================================
RCS file: /cvsroot/trousers/trousers/src/tspi/tsp_auth.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -C2 -d -r1.17 -r1.18
*** tsp_auth.c	17 Dec 2007 23:35:15 -0000	1.17
--- tsp_auth.c	16 Jul 2009 12:42:02 -0000	1.18
***************
*** 360,364 ****
  	HMAC_Auth(secret, hash, auth);
  
! 	return (TSS_BOOL) memcmp(digest, &auth->HMAC, 20);
  }
  
--- 360,364 ----
  	HMAC_Auth(secret, hash, auth);
  
! 	return ((TSS_BOOL) memcmp(digest, &auth->HMAC, 20) != 0);
  }
  
***************
*** 756,759 ****
--- 756,761 ----
  			   hmacVerify.digest);
  		result = memcmp(rgbHmacData, hmacVerify.digest, ulSizeDigestHmac);
+ 		if (result)
+ 			result = TPM_E_AUTHFAIL;
  	}
  
***************
*** 912,916 ****
  			 * auth if none is set in the NV object */
  			if (!sess->hUsageChild) {
! 				if ((result = obj_context_get_policy(obj_child, TSS_POLICY_USAGE,
  								     &sess->hUsageChild)))
  					goto error;
--- 914,918 ----
  			 * auth if none is set in the NV object */
  			if (!sess->hUsageChild) {
! 				if ((result = obj_context_get_policy(tspContext, TSS_POLICY_USAGE,
  								     &sess->hUsageChild)))
  					goto error;


------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge  
This is your chance to win up to $100,000 in prizes! For a limited time, 
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize  
details at: http://p.sf.net/sfu/Challenge
_______________________________________________
Trousers-cvs mailing list
Trousers-cvs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/trousers-cvs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic